Académique Documents
Professionnel Documents
Culture Documents
Version 1.0
Submitted By:-
BirlaSoft Inc
To generate your CSR, you will need to log in to your server and use the following instructions:
Click the 'Start' menu. Select 'Administrative Tools', then 'Internet Information Services
(IIS) Manager'.
In the menu, click the 'Server Certificates' button in the 'Security' section.
On the right-hand-side, click the 'Create Certificate Request...' Action. This will begin the
Request Certificate Wizard.
Fill out your information. The Common name is where you should enter the fully
qualified domain name of the website you require the certificate for. For wildcard
certificates, this is in the format *.mydomain.com. Click 'Next'.
In the menu, click the 'Server Certificates' button in the 'Security' section.
On the right-hand-side, click the 'Create Certificate Request...' Action. This will begin the
Request Certificate Wizard.
The wizard will prompt for the certificate. Enter the certificate path and filename (this
can have a .cer or .crt extension), and enter a 'Friendly Name'. This is simply a name for
the certificate for your own reference. We advise you to use the domain name of the
certificate.
Click 'OK', and the certificate will be installed.
Note: Due to a bug in IIS 7, you may receive an error message at this point:
"Cannot find the certificate request associated with this certificate file. A certificate
Submitted By: BirlaSoft Page
5 of 11
Classification: GE Birlasoft Confidential
Version 1.0
request must be completed on the computer where it was created.", or an error referring
to a "Bad ASN1 tag.".
As long as you generated the CSR on this server, you can simply click 'OK' to the error
message, and refresh the certificate list in IIS 7. In most cases, the certificate will actually
be correctly installed.
Now the certificate is installed, IIS 7 requires that bindings be added to the site requiring
the certificate.
Select the website from the left-hand side, and on the right-hand menu, click 'Bindings...'.
Change the 'Type' setting to 'https'. Select the site's IP address (or leave to 'All
Unassigned' if this is the only site with an SSL certificate on this server). Leave the 'Port'
at 443 unless you know you can change it. From the 'SSL certificate' drop-down menu,
choose the name of the certificate you just installed. The 'View' button can be used to
confirm which certificate you have chosen.
Finally click 'OK' to add the binding, and click 'Close' in the 'Site Bindings' window.
Leave the 'Cryptographic service provider' as default. The 'Bit length' can be changed, we
recommend a minimum of 1024-bit, and 2048-bit where possible. Click 'Next'.
Your CSR is now generated. Open the 'certreq.txt' file with a text-editor and copy and
paste the contents into the enrollment form when requested.